Merge feat/jwt

Feat/jwt

Author: lmeireles

.idea/.gitignore

@@ -18,6 +18,10 @@ config :api_ecommerce, ApiEcommerceWeb.Endpoint,
   render_errors: [view: ApiEcommerceWeb.ErrorView, accepts: ~w(json)],
   pubsub: [name: ApiEcommerce.PubSub, adapter: Phoenix.PubSub.PG2]
 
+config :api_ecommerce, ApiEcommerce.Guardian,
+  issuer: "api_ecommerce",
+  secret_key: "RFl88y/O+rrGqRzWwdTGpsF68o07jhz60tfUnh0mTKhkGpeGo3Adzc8+xDuxXyd5"
+
 # Configures Elixir's Logger
 config :logger, :console,
   format: "$time $metadata[$level] $message\n",

.idea/api-ecommerce.iml

@@ -4,9 +4,10 @@ defmodule ApiEcommerce.Auth do
   """
 
   import Ecto.Query, warn: false
-  alias ApiEcommerce.Repo
 
+  alias ApiEcommerce.Repo
   alias ApiEcommerce.Auth.User
+  alias ApiEcommerce.Guardian
 
   @doc """
   Returns the list of users.
@@ -107,6 +108,7 @@ defmodule ApiEcommerce.Auth do
     query
     |> Repo.one()
     |> verify_password(password)
+    |> gen_token()
   end
 
   defp verify_password(nil, _) do
@@ -116,9 +118,20 @@ defmodule ApiEcommerce.Auth do
 
   defp verify_password(user, password) do
     if Bcrypt.verify_pass(password, user.password_hash) do
-      {:ok, user}
+      user
     else
       {:error, "Wrong username or password"}
     end
   end
+
+  defp gen_token(%User{} = user) do
+    case Guardian.encode_and_sign(user) do
+      {:ok, token, _claims} -> {:ok, user, token}
+      _ -> {:error, :unauthorized}
+    end
+  end
+
+  defp gen_token(error) do
+    error
+  end
 end

.idea/dataSources.xml

@@ -5,8 +5,12 @@ defmodule ApiEcommerce.Auth.User do
   @primary_key {:id, :binary_id, autogenerate: true}
   @foreign_key_type :binary_id
   schema "users" do
+    field :name, :string
     field :email, :string
-    field :is_active, :boolean, default: false
+    field :role, RoleEnum, default: :member
+    field :status, StatusEnum, default: :active
+    field :recovery_token, :string
+    field :recovery_token_created_at, :naive_datetime
     field :password_hash, :string
     field :password, :string, virtual: true
     field :password_confirmation, :string, virtual: true
@@ -17,8 +21,8 @@ defmodule ApiEcommerce.Auth.User do
   @doc false
   def changeset(user, attrs) do
     user
-    |> cast(attrs, [:email, :is_active, :password])
-    |> validate_required([:email, :is_active, :password])
+    |> cast(attrs, [:name, :email, :status, :role, :password, :password_confirmation])
+    |> validate_required([:email, :status, :role, :password, :password_confirmation])
     |> validate_format(:email, ~r/@/)
     |> validate_length(:password, min: 6)
     |> validate_confirmation(:password) # Check that password === password_confirmation
@@ -27,7 +31,9 @@ defmodule ApiEcommerce.Auth.User do
   end
 
   defp put_password_hash(%Ecto.Changeset{valid?: true, changes: %{password: password}} = changeset) do
-    change(changeset, Bcrypt.add_hash(password))
+    changeset
+    |> change(Bcrypt.add_hash(password))
+    |> change(%{password_confirmation: nil})
   end
 
   defp put_password_hash(changeset) do